Re: [PATCH 4.4 059/268] xen-netfront: Fix race between device setup and open

From: Ben Hutchings
Date: Mon Jun 11 2018 - 10:29:45 EST

Next message: Matthew Wilcox: "[PATCH v13 08/72] xarray: Add xa_load"
Previous message: Matthew Wilcox: "[PATCH v13 02/72] dax: Fix use of zero page"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 2018-05-28 at 12:00 +0200, Greg Kroah-Hartman wrote:
> 4.4-stable review patch.ÂÂIf anyone has any objections, please let me know.
>
> ------------------
>
> From: Ross Lagerwall <ross.lagerwall@xxxxxxxxxx>
>
> [ Upstream commit f599c64fdf7d9c108e8717fb04bc41c680120da4 ]
[...]
> --- a/drivers/net/xen-netfront.c
> +++ b/drivers/net/xen-netfront.c
[...]
> @@ -1839,6 +1824,7 @@ static int talk_to_netback(struct xenbus
> Â goto out;

This "goto out" is outside the locked section...

> Â }
> Â
> + rtnl_lock();
> Â if (info->queues)
> Â xennet_destroy_queues(info);
> Â
> @@ -1849,6 +1835,7 @@ static int talk_to_netback(struct xenbus
> Â info->queues = NULL;
> Â goto out;
> Â }
> + rtnl_unlock();
> Â
> Â /* Create shared ring, alloc event channel -- for each queue */
> Â for (i = 0; i < num_queues; ++i) {
> @@ -1945,8 +1932,10 @@ abort_transaction_no_dev_fatal:
> Â xenbus_transaction_end(xbt, 1);
> Â destroy_ring:
> Â xennet_disconnect_backend(info);
> + rtnl_lock();
> Â xennet_destroy_queues(info);
> Â out:
> + rtnl_unlock();

...so this will be an unmatched unlock.

You need to add another label below the rtnl_unlock().

Ben.

> Â device_unregister(&dev->dev);
> Â return err;
> Â}
[...]

--
Ben Hutchings, Software Developer Â Codethink Ltd
https://www.codethink.co.uk/ Dale House, 35 Dale Street
Manchester, M1 2HF, United Kingdom

Next message: Matthew Wilcox: "[PATCH v13 08/72] xarray: Add xa_load"
Previous message: Matthew Wilcox: "[PATCH v13 02/72] dax: Fix use of zero page"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]